Bio Ecko Platform Architecture

February 2026 · 14 min

Technology Stack Overview

Bio Ecko is a modern, cloud-native hospital ERP. Understanding the stack helps you communicate with developers and answer client questions about security, performance, and scalability.

FC Takeaway: You don't need to know how to code in React or SQL. But knowing that the database is PostgreSQL helps when discussing data migration. Knowing the app is hosted on Vercel helps when answering uptime and performance questions.

The 61-Module Ecosystem

Bio Ecko organizes its functionality into 61 modules across 11 categories. Each module is a self-contained functional area with its own screens, data tables, and business logic.

FC Relevance: Not every hospital activates all 61 modules. A small 30-bed hospital might use 15-20 modules. Part of your discovery phase is identifying which modules the client needs.

Data Architecture -- Tables, Tenancy, and Isolation

Bio Ecko's database contains 319 tables organized around key entities:

Core Entities:

• organizations -- The tenant (hospital/chain). All data belongs to an organization.
• profiles -- Users (doctors, nurses, staff). Linked to Supabase Auth.
• patients -- The central clinical entity. Every clinical, billing, and lab record links back to a patient.
• appointments / admissions -- OPD and IPD encounters.
• bills / payments -- Financial transactions.

Tenant Isolation: Every table has an organization_id column. Row Level Security (RLS) policies ensure:

• A user from Hospital A can never read or write Hospital B's data
• Even if a developer makes a coding mistake, the database itself blocks cross-tenant access
• This is enforced at the PostgreSQL level, not just the application level

Audit Trail: Critical tables have created_at, updated_at, created_by, and updated_by columns. Some tables (medications, diagnoses) also have a full audit log for regulatory compliance.

Authentication and Session Management

Bio Ecko uses Supabase Auth for authentication:

1. Login -- User enters email/phone + password. Supabase Auth validates and returns a JWT (JSON Web Token).
2. Session -- The JWT is stored as an HTTP-only cookie (not localStorage -- more secure). It auto-refreshes.
3. Role Resolution -- After login, Bio Ecko reads the user's profiles record to determine their role (doctor, nurse, admin, etc.) and organization.
4. Hub Routing -- Based on the role, the user is redirected to their role-specific dashboard hub (Nurse Hub, Pharmacist Hub, etc.).

Password Security:

• Passwords are hashed with bcrypt (industry standard; never stored in plain text)
• Brute-force protection via rate limiting
• Password complexity rules configurable per organization

FC Configuration:

• Set up user accounts during implementation
• Assign correct roles (critical: a nurse should NOT have admin access)
• Configure password policies per organizational requirements
• Set up the fallback admin account for emergency access

Real-Time Features

Bio Ecko leverages Supabase Realtime (WebSocket subscriptions) for live-updating screens:

Why It Matters for the FC:

• Real-time screens reduce the need for staff to refresh or check manually
• During CRP (Conference Room Pilot), demonstrate real-time updates to wow stakeholders
• If a hospital has poor internet, real-time features may lag -- discuss infrastructure requirements during discovery

Deployment and Infrastructure

Bio Ecko is deployed on Vercel with the database on Supabase Cloud:

Uptime & Reliability:

• Vercel provides 99.99% uptime SLA for production deployments
• Supabase provides daily automated backups with 7-day retention (configurable)
• Point-in-time recovery allows restoring to any second in the last 7 days

FC Talking Points for Client Discussions:

• "Your data is encrypted at rest and in transit"
• "Backups happen automatically every day; we can recover to any point in the last week"
• "The system auto-scales -- whether you have 10 users or 500 online simultaneously"
• "No on-premise server to maintain -- updates are deployed with zero downtime"

Offline Considerations

Bio Ecko is a cloud-first application. It requires an internet connection to function. This is an important conversation during discovery:

What Happens If Internet Goes Down:

• Users see a connection lost indicator
• Pending form submissions are NOT saved locally (no offline mode currently)
• Once connection resumes, users continue from where they left off (session persists)

FC Guidance for Hospitals:

1. Recommend a dual ISP setup (primary broadband + 4G/5G backup) for all clinical workstations
2. Ensure the hospital has a UPS/inverter for network equipment (router, switches)
3. For remote/rural facilities with unreliable internet, discuss if Bio Ecko is the right fit or if a hybrid approach is needed
4. Document the internet dependency clearly in the BRD so there are no surprises at go-live

Future Roadmap: Progressive Web App (PWA) capabilities for critical offline workflows (e.g., vitals entry, medication administration) are on the product roadmap.

Notes

Related topics